Research on data breaches is scattered across disciplines and methodologies. To help consolidate it, we review 43 articles on data breaches’ antecedents and 83 on their consequences. We find eight different categories each for antecedents and consequences. Most research is empirical-quantitative and employs an organizational unit of analysis. Theoretical lenses discovered range from a data breach as organizational crisis to criminological and privacy-specific theories. Our review provides researchers and practitioners with a synthesis of extant research and elaborates on future implications for data breach literature.